Microsoft has released out-of-band security updates to address a remote code execution vulnerability — known as PrintNightmare (CVE-2021-34527) — in the Windows Print spooler service. The Computer Emergency Response Team Coordination Center (CERT/CC), part of the Software Engineering Institute at Carnegie Mellon University, last week reported a critical RCE vulnerability impacting the Windows Print Spooler service that allows a remote authenticated attacker to execute arbitrary code with system privileges on a vulnerable system.

The updates are cumulative and contain all previous fixes, as well as protections for CVE-2021-1675. The updates do not include Windows 10 version 1607, Windows Server 2012 or Windows Server 2016 — Microsoft states updates for these versions are forthcoming. According to CERT/CC, “the Microsoft update for CVE-2021-34527 only appears to address the Remote Code Execution (RCE via SMB and RPC) variants of the PrintNightmare, and not the Local Privilege Escalation (LPE) variant.” See CERT/CC Vulnerability Note VU #383432 for workarounds for the LPE variant. 

The Cybersecurity & Infrastructure Security Agency encourages users and administrators to review the Microsoft security updates as well as CERT/CC Vulnerability Note VU #383432 and apply the necessary updates or workarounds. For additional background, see CISA’s initial communication.

Related News Articles

Headline
The Cybersecurity and Infrastructure Security Agency, FBI and National Security Agency yesterday issued an advisory to help organizations secure their…
Headline
John Riggi, AHA’s senior advisory for cyber security and risk, speaks with Edward You, supervisory special agent in the FBI’s Weapons of Mass Destruction…
Headline
The National Institute of Standards and Technology will work with technology leaders to develop a framework to improve security in the technology supply chain…
Headline
The FBI today released an alert on Hive ransomware, which uses mechanisms such as phishing emails with malicious attachments and Remote Desktop Protocol to…
Headline
The FBI yesterday alerted U.S. organizations to ransomware attacks by a group using phishing emails to access victim networks and download Cobalt Strike threat…
Headline
BlackBerry yesterday announced a set of cyber vulnerabilities in its QNX Real Time Operating System for medical devices and other products, which a remote…